Commit Graph

3396 Commits

Author SHA1 Message Date
Alex Ford 606d601923 qlformat 2023-06-01 16:26:05 +01:00
Alex Ford d09f6d318c
Merge branch 'main' into maikypedia/sqli-sink 2023-06-01 15:02:44 +01:00
Alex Ford 40cf09996a
Merge pull request #13066 from maikypedia/maikypedia/sqli-sink-2
Ruby: Add Sequel as SQL Injection Sink
2023-06-01 15:01:38 +01:00
Erik Krogh Kristensen 96a720cfa0
Merge pull request #13285 from erik-krogh/redoshelp
ReDoS: fix whitespace in the samples in ReDoS.qhelp
2023-06-01 15:53:58 +02:00
Alex Ford 7d943c7621 Ruby: update test output 2023-06-01 13:50:32 +01:00
Alex Ford 4794066d3c
Merge branch 'main' into maikypedia/sqli-sink-2 2023-06-01 13:04:54 +01:00
Maiky 7579f182ad Add requested changes 2023-06-01 11:00:35 +02:00
Maiky 13ce6a6d8e
Update Frameworks.qll 2023-06-01 00:53:01 +02:00
Arthur Baars c211b704f3
Merge pull request #13272 from github/post-release-prep/codeql-cli-2.13.3
Post-release preparation for codeql-cli-2.13.3
2023-05-31 15:33:12 +02:00
Michael Nebel 2266e28583
Merge pull request #13262 from michaelnebel/flowsummary/refactorgetcomponentstack
C#: Re-factor getComponent.
2023-05-31 08:22:44 +02:00
Arthur Baars 490d22d123 Merge remote-tracking branch 'upstream/main' into post-release-prep/codeql-cli-2.13.3 2023-05-30 21:31:28 +02:00
Arthur Baars d91fa2d038 Ruby: add print-cfg query 2023-05-30 17:30:04 +02:00
Asger F 3831dc7785
Merge pull request #13288 from asgerf/rb/super-and-flow-through
Ruby: two bug fixes
2023-05-26 15:04:52 +02:00
Asger F cfaa27ab5d Ruby: change note 2023-05-26 14:44:00 +02:00
yoff af1f4c30fb
Merge pull request #13299 from asgerf/rb/meta-query-summarised-callable-sites
Ruby/Python: add meta-queries for calls to summarised callables
2023-05-26 13:27:56 +02:00
Arthur Baars e0466900ad
Merge pull request #12992 from Sim4n6/ruby-UBV
[Ruby] Add Unicode Bypass Validation query, test and help file
2023-05-26 13:00:21 +02:00
Alex Ford baabd2d1fa
Merge pull request #12832 from maikypedia/maikypedia/pg-sqli
Ruby: Add SQL Injection Sinks
2023-05-26 11:36:17 +01:00
Michael Nebel 915042a881 Minor cleanup and sync files. 2023-05-26 12:25:00 +02:00
Michael Nebel 58fcbc136c Ruby: Re-factor getComponent. 2023-05-26 12:25:00 +02:00
Asger F 1c7f6dc32e Ruby: add meta-query for calls to summarized callables 2023-05-26 11:34:23 +02:00
Alex Ford 609319da20 ruby: update TaintStep.ql test output 2023-05-25 17:53:01 +01:00
Asger F 9e8cef5e1b Ruby: fix type-tracking flow-through for new->initialize calls 2023-05-25 15:03:38 +02:00
Asger F 93678e5d36 Ruby: fix name of super calls in singleton methods 2023-05-25 15:03:34 +02:00
erik-krogh 9f5bf8fb22
also fix the first code-block 2023-05-25 13:56:29 +02:00
erik-krogh 765076bcba
fix whitespace in the samples in ReDoS.qhelp 2023-05-25 13:28:39 +02:00
Sim4n6 52dd247a81
Removed redundant cast 2023-05-25 11:55:13 +01:00
Sim4n6 09c97ce0da
Added one more example to the qhelp 2023-05-25 09:41:22 +01:00
Sim4n6 7d68f6afc9
added ActiveSupport::Multibyte::Chars normalize() sink 2023-05-25 09:21:55 +01:00
Sim4n6 d772bb213a
Added three more Unicode Normalization sinks 2023-05-25 03:10:00 +01:00
Maiky 40450a2792
typo 2023-05-24 17:02:48 +02:00
github-actions[bot] d2e192020b Post-release preparation for codeql-cli-2.13.3 2023-05-24 11:26:12 +00:00
Tom Hvitved 05f3934042
Merge pull request #13251 from hvitved/ruby/call-graph-self-param
Ruby: Include both `self` parameters and SSA definitions in call graph construction
2023-05-24 11:10:34 +02:00
Asger F 818753e922
Merge pull request #13265 from asgerf/rb/delete-name-clash
Ruby: fix some name clashes between summarized callables
2023-05-24 11:08:56 +02:00
Tom Hvitved b486a4d52c
Merge pull request #13255 from hvitved/ruby/ssa-param-capture-input
Ruby: Include underlying SSA parameter definition in `localFlowSsaParamCaptureInput`
2023-05-24 10:40:54 +02:00
Asger F 8bd6f6c450 Ruby: change note 2023-05-24 10:22:22 +02:00
Asger F 6d1a4451fb Ruby: update a test expectation 2023-05-24 10:15:51 +02:00
Maiky 27c1e47ece
Update ruby/ql/lib/change-notes/2023-05-06-pg.md
Co-authored-by: Jorge <46056498+jorgectf@users.noreply.github.com>
2023-05-24 01:44:51 +02:00
Maiky 8dca585207 Expected 2023-05-23 20:04:34 +02:00
Maiky ad5355a04a Pg Library, change note and Frameworks.qll 2023-05-23 19:49:03 +02:00
Arthur Baars e33f3a6668
Merge pull request #13154 from aibaars/sync-dbscheme-py
JS/Ruby/QL/Python: sync dbscheme fragments
2023-05-23 19:14:29 +02:00
Sim4n6 90c174de4e
Updated the .expected file accordingly 2023-05-23 17:36:50 +01:00
Asger F 0592c8ba99 Ruby: avoid name clash for "assoc" summary 2023-05-23 17:34:19 +02:00
Asger F 50a7b21928 Ruby: fix a name clash for summaries called "delete" 2023-05-23 16:49:17 +02:00
Tom Hvitved eaa84cb819 Ruby: Include underlying SSA parameter definition in `localFlowSsaParamCaptureInput` 2023-05-23 13:56:29 +02:00
Tom Hvitved 349de77474 Ruby: Include both `self` parameters and SSA definitions in call graph construction 2023-05-23 12:28:06 +02:00
Erik Krogh Kristensen 50cb5ea184
Merge pull request #13164 from erik-krogh/polyQhelp
ReDoS: add another example to the qhelp in poly-redos, showing how to just limit the length of the input
2023-05-23 09:25:15 +02:00
github-actions[bot] 7aa23cf11d Release preparation for version 2.13.3 2023-05-22 20:47:00 +00:00
Arthur Baars bec2b7fef9 QL/Ruby: update dbscheme stats 2023-05-22 19:37:58 +02:00
Arthur Baars 294cc930e6 Ruby: add upgrade/downgrade scripts 2023-05-22 19:37:51 +02:00
Arthur Baars d2bc66e393 QL: switch to shared YAML extractor 2023-05-22 19:28:59 +02:00